lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20231208093726.371fd47e@hermes.local>
Date: Fri, 8 Dec 2023 09:37:26 -0800
From: Stephen Hemminger <stephen@...workplumber.org>
To: Arjun Mehta <arjunmeht@...il.com>
Cc: netdev@...r.kernel.org
Subject: Re: Rx issues with Linux Bridge and thunderbolt-net

On Fri, 8 Dec 2023 10:30:39 -0700
Arjun Mehta <arjunmeht@...il.com> wrote:

> Hi Stephen, thank you for the reply.
> 
> Proxmox does use a kernel derived from Ubuntu I believe (eg. kernel for Proxmox 8.1 which is what I'm using is 6.5.11-6-pve derived from Ubuntu 23.10). Not sure if there have been any modifications to the Linux Bridge in it.
> https://pve.proxmox.com/wiki/Proxmox_VE_Kernel#Proxmox_VE_8.x
> 
> Long shot, but do you happen to know of any workarounds with the Wifi interface issue you mentioned that would mitigate this issue? Maybe they would apply here.
> 
> I will also post to the Proxmox forums about this issue to flag for them.
> 
> Arjun

With VM's the issue is that many hosts have source address protection in
either the SW or HW for VF's to prevent address spoofing. 
This means you can't run a L2 bridge in the guest.

The only mitigation is to do some form of Layer 2 NAT.
Possible, but I have never done it, and likely to have scaling issues.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ